CUISPA Podcast #30 for April 21, 2010 (recorded 4/17/2010) “Picks #1”
In this episode, the guys discuss their picks for useful utilities that they use.
Questions, comments or contributions? Email us at podcast@cuispa.org
Alex's picks:
1) PSTools:
http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx
2) PuTTY:
http://www.chiark.greenend.org.uk/~sgtatham/putty/
3) iPhone Enterprise deployment guide:
http://www.apple.com/support/iphone/enterprise/
4) VMware Workstation:
www.vmware.com
John's Picks:
1) Macroscheduler - is a scripting product (IDE) that allows for the automation of many Windows tasks. Ranges in price from $50 for the Lite version that runs on one system to $600 for the Enterprise version. Lite version for home use is $20.
2) IrfanView - is a Windows image and movie viewer. It is fast and small. It also does batch processing very well and very easily. Need to convert a directory of pictures to a set size? This is your tool. Free for personal use, $12 per copy for non-personal use. (Free for schools and libraries.)
3) Paros Proxy - is a free web traffic auditing tool written in Java. Since it's written in Java, it works on almost any platform. Run it on your system and set your browser to use the loopback address as a proxy on port 8080 for HTTP and HTTPS traffic. Now all traffic to and from your browser is displayed in Paros. You can set it to pause when data is received so you can view and even alter the data your browser is sending or receiving. Great for seeing exactly what is going on as well as for testing security. Free, but they accept donations.
4) Kiwi Syslog Server - is a Windows-based syslog server. You can have your network devices and servers. It supports powerful filtering and rules so you can set up alerts as well as filter data into different files. There is a free, limited version, mostly for evaluation purposes or very simple situations. The full version is $245.
4b) Snare Agent for Windows - converts Windows event log events into syslog events that you can then have sent to a syslog server. Free.
http://www.intersectalliance.com/projects/SnareWindows/index.html
Larry's Picks:
1) Notepad++:
Is what Microsoft Notepad should have evolved into. Excellent replacement that supports multiple file viewing, regex search, macro recording/playback, multiple programming languages (C++, Java, Perl, Python, XML, Objective-C, etc.) and plugins (hex editor, base64 conversion, file compare, …)
http://notepad-plus.sourceforge.net/uk/site.htm
2) Firefox Addons:
Scrapbook:
An extension that helps you save Web pages and manage the collection. Key features are lightness, speed, accuracy and multi-language support. Features: Save Web page, Save snippet of Web page, Save Web site (In-depth Capture), page editing features (highlight, erase, text edit). Windows and Mac.
http://amb.vis.ne.jp/mozilla/scrapbook/
Web Of Trust Safe Browsing Tool:
A safe surfing tool for your browser. Traffic-light rating symbols show which websites you can trust when you search, shop and surf on the Web. (Has privacy policy). Windows and Mac.
https://addons.mozilla.org/en-US/firefox/addon/433
3) Phishtank:
4) SANS Investigative Forensic Toolkit (SIFT) Workstation: update to Version 2.0 created by Rob Lee
The SANS SIFT Workstation is a VMware Appliance that is pre-configured with all the necessary tools to perform a detailed digital forensic examination. It is compatible with Expert Witness Format (E01), Advanced Forensic Format (AFF), and raw (dd) evidence formats. The brand new version has been completely rebuilt on an Ubuntu base with many additional tools and capabilities that can match any modern forensic tool suite.
https://computer-forensics2.sans.org/community/siftkit/